[SCM] Samba Shared Repository - branch v4-17-test updated
Jule Anger
janger at samba.org
Mon Sep 19 05:04:02 UTC 2022
The branch, v4-17-test has been updated
via bb86d2f3a10 CVE-2021-20251 s3: Ensure bad password count atomic updates for SAMR AES password change
via 9aabf78216f CVE-2021-20251 s3:rpc_server: Split change_oem_password() call out of samr_set_password_aes()
via 619ffc2a2fb CVE-2021-20251 dsdb/common: Remove transaction logic from samdb_set_password()
via 7fe10442b76 CVE-2021-20251 s4-rpc_server: Extend scope of transaction for ChangePasswordUser3
via 7b28bd10803 CVE-2021-20251 s4-rpc_server: Use user privileges for SAMR password change
via b8c123d02d0 CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user
via 0044f598dd4 s3:rpc_server: Use BURN_STR() to zero password
via 3d7a2a3603e lib:replace: Add macro BURN_STR() to zero memory of a string
via beb63ae03b7 libcli:auth: Keep passwords from convert_string_talloc() secret
via c3d6964fccd lib:util: Check memset_s() error code in talloc_keep_secret_destructor()
via 3e54aabd9e3 CVE-2021-20251 s3: Ensure bad password count atomic updates for SAMR password change
via 5c8bbe3e74c CVE-2021-20251 s3: ensure bad password count atomic updates
via 13efa626188 CVE-2021-20251 s4:auth_winbind: Check return status of authsam_logon_success_accounting()
via b3f48fae13e CVE-2021-20251 s4-rpc_server: Check badPwdCount update return status
via 5befe31c651 CVE-2021-20251 s4:kdc: Check badPwdCount update return status
via 4adcada4104 CVE-2021-20251 s4:kdc: Check return status of authsam_logon_success_accounting()
via 5f1bafdd3f0 CVE-2021-20251 s4:kdc: Move logon success accounting code into existing branch
via 4d0cba69c8f CVE-2021-20251 s4:dsdb: Make badPwdCount update atomic
via 254e94892cd CVE-2021-20251 s4:dsdb: Update bad password count inside transaction
via 3a96ccbb841 CVE-2021-20251 s4-auth: Pass through error code from badPwdCount update
via 446cfe34523 CVE-2021-20251 auth4: Avoid reading the database twice by precaculating some variables
via 11673522912 CVE-2021-20251 auth4: Inline samdb_result_effective_badPwdCount() in authsam_logon_success_accounting()
via ffe43511bb9 CVE-2021-20251 auth4: Split authsam_calculate_lastlogon_sync_interval() out
via fa22c9bf2be CVE-2021-20251 auth4: Return only the result message and free the surrounding result
via e0fdfce1327 CVE-2021-20251 auth4: Add missing newline to debug message on PSO read failure
via d07f34ec394 CVE-2021-20251 s4 auth: make bad password count increment atomic
via 180784c49b3 CVE-2021-20251 auth4: Detect ACCOUNT_LOCKED_OUT error for password change
via 2e4c6196d88 CVE-2021-20251 s4 auth test: Unit tests for source4/auth/sam.c
via 674dbeaca07 CVE-2021-20251 auth4: Reread the user record if a bad password is noticed.
via d57c4ea9599 CVE-2021-20251 s4 auth: Prepare to make bad password count increment atomic
via 2dc965ad1d8 CVE-2021-20251 auth4: split samdb_result_msds_LockoutObservationWindow() out
via 276d81368ec CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user
via b82543978d1 CVE-2021-20251 tests/krb5: Add tests for password lockout race
via 0b3604e6e0d CVE-2021-20251 lib:crypto: Add Python functions for AES SAMR password change
via 518818b3c10 CVE-2021-20251 lib:crypto: Add md4_hash_blob() for hashing data with MD4
via d4ae8610ea3 CVE-2021-20251 lib:crypto: Add des_crypt_blob_16() for encrypting data with DES
via 1263a8a5213 lib:crypto: Use constant time memory comparison to check HMAC
via af7c57e0376 lib:crypto: Check for overflow before filling pauth_tag array
via 7656b3e7b95 s4:torture: Zero samr_UserInfo union in password set test
via 1b0f292ecd0 lib:crypto: Zero auth_tag array in encryption test
via cb7fbb42df6 s3:rpc_server: Fix typo in error message
from 31bfee4b7a6 VERSION: Bump version up to Samba 4.17.1...
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-17-test
- Log -----------------------------------------------------------------
commit bb86d2f3a10edbe27aa2edeafce0475b9cd79feb
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:43:19 2022 +1200
CVE-2021-20251 s3: Ensure bad password count atomic updates for SAMR AES password change
The bad password count is supposed to limit the number of failed login
attempt a user can make before being temporarily locked out, but race
conditions between processes have allowed determined attackers to make
many more than the specified number of attempts. This is especially
bad on constrained or overcommitted hardware.
To fix this, once a bad password is detected, we reload the sam account
information under a user-specific mutex, ensuring we have an up to
date bad password count.
We also update the bad password count if the password is wrong, which we
did not previously do.
Derived from a similar patch to source3/auth/check_samsec.c by
Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Sep 13 00:08:07 UTC 2022 on sn-devel-184
(cherry picked from commit 8ae0c38d54f065915e927bbfe1b656400a79eb13)
Autobuild-User(v4-17-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-17-test): Mon Sep 19 05:03:03 UTC 2022 on sn-devel-184
commit 9aabf78216f91aee6abcd401b10f1ca01f544be0
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:43:09 2022 +1200
CVE-2021-20251 s3:rpc_server: Split change_oem_password() call out of samr_set_password_aes()
Now samr_set_password_aes() just returns the new password in a similar
manner to check_oem_password(). This simplifies the logic for the
following change to recheck whether the account is locked out, and to
update the bad password count.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1d869a2a666cfada1495d891021de6c2b8567a96)
commit 619ffc2a2fb50d87d771ea316818c65139c79e5a
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:40:01 2022 +1200
CVE-2021-20251 dsdb/common: Remove transaction logic from samdb_set_password()
All of its callers, where necessary, take out a transaction covering the
entire password set or change operation, so a transaction is no longer
needed here.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 7981cba87e3a7256b12bfc5fdd89b136c12979ff)
commit 7fe10442b7670b35101218ee3e9a303cc573618c
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:39:43 2022 +1200
CVE-2021-20251 s4-rpc_server: Extend scope of transaction for ChangePasswordUser3
Now the initial account search is performed under the transaction,
ensuring the overall password change is atomic. We set DSDB_SESSION_INFO
to drop our privileges to those of the user before we perform the actual
password change, and restore them afterwards if we need to update the
bad password count.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit fcabcb326d385c1e1daaa8dae9820e33a3868f56)
commit 7b28bd1080383fba3abb54b3cbf03134cbefd7db
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:39:06 2022 +1200
CVE-2021-20251 s4-rpc_server: Use user privileges for SAMR password change
We don't (and shouldn't) need system prvileges to perform the password
change, so drop to the privileges of the user by setting
DSDB_SESSION_INFO. We need to reuse the same sam_ctx: creating a new one
with only user privileges would not work, because any database
modifications would be blocked by the transaction taken out on the
original context.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f74f92aea164af40d9177b332778a76d7ecabcbd)
commit b8c123d02d0d0968bfc8548e57931342dd77e068
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:37:52 2022 +1200
CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user
This helps the bad password and audit log handling code as it
allows assumptions to be made about the attributes found in
the variable "msg", such as that DSDB_SEARCH_SHOW_EXTENDED_DN
was used.
This ensures we can re-search on the DN via the embedded GUID,
which in in turn rename-proof.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit fabbea25310a31c0409b1c11eaced39bd8cde8dd)
commit 0044f598dd4d81f25070a3e482f81bf7b5a4d4e2
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Sep 6 14:54:08 2022 +1200
s3:rpc_server: Use BURN_STR() to zero password
This ensures these calls are not optimised away.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 1258746ba85b8702628f95a19aba9afea96eab8b)
commit 3d7a2a3603efcf05708b8f4078c92110fe9779a6
Author: Pavel Filipenský <pfilipensky at samba.org>
Date: Mon Aug 8 17:47:28 2022 +0200
lib:replace: Add macro BURN_STR() to zero memory of a string
Signed-off-by: Pavel Filipenský <pfilipensky at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 8564380346ace981b957bb8464f2ecf007032062)
commit beb63ae03b7dd98f2ed58345fc06b659ea5c11b6
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:35:50 2022 +1200
libcli:auth: Keep passwords from convert_string_talloc() secret
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6edf88f5c40421b9881666a2e78038ea9c547c24)
commit c3d6964fccd088d415d6fce3bc5ed8bb324ea826
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:35:33 2022 +1200
lib:util: Check memset_s() error code in talloc_keep_secret_destructor()
Panic if memset_s() fails.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 03a50d8f7d872b6ef701d1207061c88b73d171bb)
commit 3e54aabd9e38a0f2020dd0359613244cf578c719
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Jul 5 20:17:33 2022 +1200
CVE-2021-20251 s3: Ensure bad password count atomic updates for SAMR password change
The bad password count is supposed to limit the number of failed login
attempt a user can make before being temporarily locked out, but race
conditions between processes have allowed determined attackers to make
many more than the specified number of attempts. This is especially
bad on constrained or overcommitted hardware.
To fix this, once a bad password is detected, we reload the sam account
information under a user-specific mutex, ensuring we have an up to
date bad password count.
Derived from a similar patch to source3/auth/check_samsec.c by
Jeremy Allison <jra at samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 65c473d4a53fc8a22a0d531aff45203ea3a4d99b)
commit 5c8bbe3e74c04d44c8c118bf3a81306ead02ddb5
Author: Jeremy Allison <jra at samba.org>
Date: Mon Jan 11 12:11:35 2021 -0800
CVE-2021-20251 s3: ensure bad password count atomic updates
The bad password count is supposed to limit the number of failed login
attempt a user can make before being temporarily locked out, but race
conditions between processes have allowed determined attackers to make
many more than the specified number of attempts. This is especially
bad on constrained or overcommitted hardware.
To fix this, once a bad password is detected, we reload the sam account
information under a user-specific mutex, ensuring we have an up to
date bad password count.
Discovered by Nathaniel W. Turner.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 8587734bf989aeaafa9d09d78d0f381caf52d285)
commit 13efa6261883edefd80267db7063d138aa8b5554
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon Jul 4 20:51:38 2022 +1200
CVE-2021-20251 s4:auth_winbind: Check return status of authsam_logon_success_accounting()
This may return an error if we find the account is locked out.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 268ea7bef5af4b9c8a02f4f5856113ff0664d9e8)
commit b3f48fae13ed7538b5997b90682615f0cafb1b49
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Sat Jul 9 15:55:02 2022 +1200
CVE-2021-20251 s4-rpc_server: Check badPwdCount update return status
If the account has been locked out in the meantime (indicated by
NT_STATUS_ACCOUNT_LOCKED_OUT), we should return the appropriate error
code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a268a1a0e304d0702469e4ac146d8af5e7384c39)
commit 5befe31c651419cfae9ff31e25290e2952441670
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Sat Jul 9 15:54:52 2022 +1200
CVE-2021-20251 s4:kdc: Check badPwdCount update return status
If the account has been locked out in the meantime (indicated by
NT_STATUS_ACCOUNT_LOCKED_OUT), we should return the appropriate error
code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit bdfc9d96f8fe5070ab8a189bbf42ccb7e77afb73)
[jsutton at samba.org Fixed knownfail conflicts due to not having claims
tests]
commit 4adcada4104294d2b7e30617fee2f959e93e908e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Jul 1 15:04:41 2022 +1200
CVE-2021-20251 s4:kdc: Check return status of authsam_logon_success_accounting()
If we find that the user has been locked out sometime during the request
(due to a race), we will now return an error code.
Note that we cannot avoid the MIT KDC aspect of the issue by checking
the return status of mit_samba_zero_bad_password_count(), because
kdb_vftabl::audit_as_req() returning void means we cannot pass on the
result.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit b1e740896ebae14ba64250da2f718e1d707e9eed)
commit 5f1bafdd3f042a42f0cb9f5dec3345d24c3586d9
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Jul 6 11:11:43 2022 +1200
CVE-2021-20251 s4:kdc: Move logon success accounting code into existing branch
This simplifies the code for the following commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 2b593c34c4f5cb82440b940766e53626c1cbec5b)
commit 4d0cba69c8f0d2f4426f3889b40f2f6b161aef25
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Sat Jul 9 15:54:12 2022 +1200
CVE-2021-20251 s4:dsdb: Make badPwdCount update atomic
We reread the account details inside the transaction in case the account
has been locked out in the meantime. If it has, we return the
appropriate error code.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 96479747bdb5bc5f33d903085f5f69793f369e3a)
commit 254e94892cd3b561f5d17e7008b792fa7948c68b
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Sat Jul 9 15:44:21 2022 +1200
CVE-2021-20251 s4:dsdb: Update bad password count inside transaction
Previously, there was a gap between calling dsdb_update_bad_pwd_count()
and dsdb_module_modify() where no transaction was in effect. Another
process could slip in and modify badPwdCount, only for our update to
immediately overwrite it. Doing the update inside the transaction will
help for the following commit when we make it atomic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit a65147a9e98ead70869cdfa20ffcc9c167dbf535)
commit 3a96ccbb8414b2642836cf88ea5531040fc658b4
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Sat Jul 9 15:53:51 2022 +1200
CVE-2021-20251 s4-auth: Pass through error code from badPwdCount update
The error code may be NT_STATUS_ACCOUNT_LOCKED_OUT, which we use in
preference to NT_STATUS_WRONG_PASSWORD.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d8a862cb811489abb67d4cf3a7fbd83d05c7e5cb)
commit 446cfe34523cbdd18b1407f0ed219996b7c0e1b1
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 30 16:48:31 2021 +1300
CVE-2021-20251 auth4: Avoid reading the database twice by precaculating some variables
These variables are not important to protect against a race with
and a double-read can easily be avoided by moving them up the file
a little.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit b5f78b7b895a6b92cfdc9221b18d67ab18bc2a24)
commit 1167352291264d5e1c4b1617603f77e902beb1c8
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Mar 25 15:33:08 2021 +1300
CVE-2021-20251 auth4: Inline samdb_result_effective_badPwdCount() in authsam_logon_success_accounting()
By bringing this function inline it can then be split out in a
subsequent commit.
Based on work by Gary Lockyer <gary at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 712181032a47318576ef35f6a6cf0f958aa538fb)
commit ffe43511bb9ed9e5bb91273d13b63e1655ee1240
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Mar 25 14:42:39 2021 +1300
CVE-2021-20251 auth4: Split authsam_calculate_lastlogon_sync_interval() out
authsam_calculate_lastlogon_sync_interval() is split out of authsam_update_lastlogon_timestamp()
Based on work by Gary Lockyer <gary at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 55147335aec8194b6439169b040556a96db22e95)
commit fa22c9bf2bee98245fdfecbeb360bc2f11d9de89
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Thu Mar 25 11:30:59 2021 +1300
CVE-2021-20251 auth4: Return only the result message and free the surrounding result
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit b954acfde258a1909ed60c1c3e1015701582719f)
commit e0fdfce1327c8c68da99689fe3a3d6fc34f0dfca
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 30 16:35:44 2021 +1300
CVE-2021-20251 auth4: Add missing newline to debug message on PSO read failure
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 4a9e0fdccfa218fbb2c3eb87e1a955ade0364b98)
commit d07f34ec394c75f0530366fb010e3804c0570468
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 30 18:01:39 2021 +1300
CVE-2021-20251 s4 auth: make bad password count increment atomic
Ensure that the bad password count is incremented atomically,
and that the successful logon accounting data is updated atomically.
Use bad password indicator (in a distinct TDB) to determine if to open a transaction
We open a transaction when we have seen the hint that this user
has recorded a bad password. This allows us to avoid always
needing one, while not missing a possible lockout.
We also go back and get a transation if we did not take out
one out but we chose to do a write (eg for lastLogonTimestamp)
Based on patches by Gary Lockyer <gary at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit de4cc0a3dae89f3e51a099282615cf80c8539e11)
commit 180784c49b34a1cca30d2bfbef7397e9b6826d20
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Jul 5 20:17:49 2022 +1200
CVE-2021-20251 auth4: Detect ACCOUNT_LOCKED_OUT error for password change
This is more specific than NT_STATUS_UNSUCCESSFUL, and for the SAMR
password change, matches the result the call to samdb_result_passwords()
would give.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 336e303cf1962b56b64c0d9d2b05ac15d00e8692)
commit 2e4c6196d88fe22d3666bcc07091d8b00f015a0b
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Tue Feb 9 11:59:05 2021 +1300
CVE-2021-20251 s4 auth test: Unit tests for source4/auth/sam.c
cmocka unit tests for the authsam_reread_user_logon_data in
source4/auth/sam.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit d6cf245b96fb02edb3bcc52733d040d5f03fb918)
commit 674dbeaca0710e4493d53b427903b2ef4ec59788
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 30 17:57:10 2021 +1300
CVE-2021-20251 auth4: Reread the user record if a bad password is noticed.
As is, this is pointless, as we need a transaction to make this
any less of a race, but this provides the steps towards that goal.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 7b8e32efc336fb728e0c7e3dd6fbe2ed54122124)
commit d57c4ea959927bf340c6326029db5a11941538a6
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Wed Jan 27 14:24:58 2021 +1300
CVE-2021-20251 s4 auth: Prepare to make bad password count increment atomic
To ensure that the bad password count is incremented atomically,
and that the successful logon accounting data is updated atomically,
without always opening a transaction, we will need to make a note
of all bad and successful passwords in a side-DB outside the
transaction lock.
This provides the functions needed for that and hooks them in
(future commits will handle errors and use the results).
Based on patches by Gary Lockyer <gary at catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 408717242aad8adf4551f2394eee2d80a06c7e63)
commit 2dc965ad1d85b3f77e734a74b52ce9049b5df536
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Tue Mar 16 10:52:58 2021 +1300
CVE-2021-20251 auth4: split samdb_result_msds_LockoutObservationWindow() out
samdb_result_msds_LockoutObservationWindow() is split out of
samdb_result_effective_badPwdCount()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 2087b0cd986b8959b2a402b9a1891472e47ca0b0)
commit 276d81368ecf057d462fca40c28cd68deb20b390
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Mar 30 10:51:26 2021 +1300
CVE-2021-20251 s4-rpc_server: Use authsam_search_account() to find the user
This helps the bad password and audit log handling code as it
allows assumptions to be made about the attributes found in
the variable "msg", such as that DSDB_SEARCH_SHOW_EXTENDED_DN
was used.
This ensures we can re-search on the DN via the embedded GUID,
which in in turn rename-proof.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 439f96a2cfe77f6cbf331d965a387512c2db91c6)
commit b82543978d112fb31fba593bde16161eefbf8dbe
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon Jul 4 20:48:48 2022 +1200
CVE-2021-20251 tests/krb5: Add tests for password lockout race
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 91e2e5616ccd507fcaf097533c5fc25974119c1e)
[jsutton at samba.org Fixed conflicts in usage.py, knownfails, and tests.py
due to not having claims tests]
commit 0b3604e6e0de7c03eeebb81ef8611dd4b6905c6f
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:35:19 2022 +1200
CVE-2021-20251 lib:crypto: Add Python functions for AES SAMR password change
These functions allow us to perform key derivation and AES256 encryption
in Python. They will be used in a following commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 4bb9d85fed8498566bdb87baa71a3147806baafc)
commit 518818b3c104b7d314265a6c631742384de30d76
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Jul 13 14:20:59 2022 +1200
CVE-2021-20251 lib:crypto: Add md4_hash_blob() for hashing data with MD4
This lets us access MD4, which might not be available in hashlib, from
Python. This function is used in a following commit for hashing a
password to obtain the verifier for a SAMR password change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 17b8d164f69a5ed79d9b7b7fc2f3f84f8ea534c8)
commit d4ae8610ea37bdd0ac2e6dcb59f858d9921f949b
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Jul 6 15:36:26 2022 +1200
CVE-2021-20251 lib:crypto: Add des_crypt_blob_16() for encrypting data with DES
This lets us access single-DES from Python. This function is used in a
following commit for encrypting an NT hash to obtain the verifier for a
SAMR password change.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14611
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit b27a67af0216811d330d8a4c52390cf4fc04b5fd)
commit 1263a8a52130f095d946f019ea49125a43071f4e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:34:55 2022 +1200
lib:crypto: Use constant time memory comparison to check HMAC
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 121e439e24a9c03ae900ffca1ae1dda8e059008c)
commit af7c57e03763e1851a9eaff648a50e4c9611265f
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:34:26 2022 +1200
lib:crypto: Check for overflow before filling pauth_tag array
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit cec59b82f7041a305c228091a84257c28e0818d5)
commit 7656b3e7b959b583fe84d82346f6b16716ef304e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 15:21:43 2022 +1200
s4:torture: Zero samr_UserInfo union in password set test
If init_samr_CryptPasswordAES() does not fill the
u.info31.password.auth_data array completely, we may be comparing
uninitialised bytes.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 03f0e4d55be80a1a6dcc0dba8e6ed74d9da63dc3)
commit 1b0f292ecd0b931323390b27483f01d8c21be2ac
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 15:19:02 2022 +1200
lib:crypto: Zero auth_tag array in encryption test
If samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt() does not fill the
array completely, we may be comparing uninitialised bytes.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit f9850c776f81d596ffbd2761c85fe7a72d369bae)
commit cb7fbb42df67c6baacb3b9d4982ae223025743ba
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Aug 2 14:01:59 2022 +1200
s3:rpc_server: Fix typo in error message
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 6932ccf3ccffbd9ab1907c4fb39b46c971e88d49)
-----------------------------------------------------------------------
Summary of changes:
lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c | 14 +-
lib/crypto/py_crypto.c | 321 +++
.../test_gnutls_aead_aes_256_cbc_hmac_sha512.c | 2 +-
lib/crypto/wscript | 2 +-
lib/replace/replace.h | 11 +
lib/util/talloc_keep_secret.c | 15 +-
libcli/auth/smbencrypt.c | 2 +
python/samba/tests/krb5/lockout_tests.py | 1088 ++++++++
python/samba/tests/krb5/raw_testcase.py | 10 +-
python/samba/tests/krb5/rfc4120_constants.py | 1 +
python/samba/tests/usage.py | 1 +
selftest/knownfail_mit_kdc | 10 +
selftest/tests.py | 2 +
source3/auth/check_samsec.c | 77 +
source3/rpc_server/samr/srv_samr_chgpasswd.c | 119 +-
source3/rpc_server/samr/srv_samr_nt.c | 149 +-
source3/rpc_server/samr/srv_samr_util.h | 8 +-
source4/auth/ntlm/auth_sam.c | 6 +-
source4/auth/ntlm/auth_winbind.c | 5 +-
source4/auth/sam.c | 707 ++++-
source4/auth/tests/sam.c | 2746 ++++++++++++++++++++
source4/auth/wscript_build | 11 +
source4/dsdb/common/util.c | 57 +-
source4/dsdb/samdb/ldb_modules/password_hash.c | 62 +-
source4/kdc/hdb-samba4.c | 51 +-
source4/rpc_server/samr/dcesrv_samr.c | 9 +-
source4/rpc_server/samr/samr_password.c | 159 +-
source4/selftest/tests.py | 7 +
source4/torture/rpc/samr.c | 2 +
29 files changed, 5379 insertions(+), 275 deletions(-)
create mode 100755 python/samba/tests/krb5/lockout_tests.py
create mode 100644 source4/auth/tests/sam.c
Changeset truncated at 500 lines:
diff --git a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
index a05aa8a323c..e0877a03f52 100644
--- a/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
+++ b/lib/crypto/gnutls_aead_aes_256_cbc_hmac_sha512.c
@@ -124,6 +124,14 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(TALLOC_CTX *mem_ctx,
* TODO: Use gnutls_cipher_encrypt3()
*/
+ if (hmac_size > 64) {
+ /*
+ * We don't want to overflow 'pauth_tag', which is 64 bytes in
+ * size.
+ */
+ return NT_STATUS_INVALID_BUFFER_SIZE;
+ }
+
if (plaintext->length + aes_block_size < plaintext->length) {
return NT_STATUS_INVALID_BUFFER_SIZE;
}
@@ -274,7 +282,7 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_decrypt(TALLOC_CTX *mem_ctx,
uint8_t padding;
size_t i;
NTSTATUS status;
- int cmp;
+ bool equal;
int rc;
if (cdk->length == 0 || ciphertext->length == 0 ||
@@ -325,8 +333,8 @@ samba_gnutls_aead_aes_256_cbc_hmac_sha512_decrypt(TALLOC_CTX *mem_ctx,
}
gnutls_hmac_deinit(hmac_hnd, auth_data);
- cmp = memcmp(auth_data, auth_tag, sizeof(auth_data));
- if (cmp != 0) {
+ equal = mem_equal_const_time(auth_data, auth_tag, sizeof(auth_data));
+ if (!equal) {
return NT_STATUS_DECRYPTION_FAILED;
}
diff --git a/lib/crypto/py_crypto.c b/lib/crypto/py_crypto.c
index ad18d3ada0f..11659556884 100644
--- a/lib/crypto/py_crypto.c
+++ b/lib/crypto/py_crypto.c
@@ -25,6 +25,53 @@
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
#include "lib/crypto/gnutls_helpers.h"
+#include "lib/crypto/md4.h"
+#include "libcli/auth/libcli_auth.h"
+#include "libcli/util/pyerrors.h"
+
+#ifdef HAVE_GNUTLS_PBKDF2
+static bool samba_gnutls_datum_from_PyObject(PyObject *py_obj,
+ gnutls_datum_t *datum)
+{
+ uint8_t *data = NULL;
+ Py_ssize_t size;
+
+ int ret;
+
+ ret = PyBytes_AsStringAndSize(py_obj,
+ (char **)&data,
+ &size);
+ if (ret != 0) {
+ return false;
+ }
+
+ datum->data = data;
+ datum->size = size;
+
+ return true;
+}
+#endif /* HAVE_GNUTLS_PBKDF2 */
+
+static bool samba_DATA_BLOB_from_PyObject(PyObject *py_obj,
+ DATA_BLOB *blob)
+{
+ uint8_t *data = NULL;
+ Py_ssize_t size;
+
+ int ret;
+
+ ret = PyBytes_AsStringAndSize(py_obj,
+ (char **)&data,
+ &size);
+ if (ret != 0) {
+ return false;
+ }
+
+ blob->data = data;
+ blob->length = size;
+
+ return true;
+}
static PyObject *py_crypto_arcfour_crypt_blob(PyObject *module, PyObject *args)
{
@@ -100,13 +147,287 @@ static PyObject *py_crypto_set_strict_mode(PyObject *module)
Py_RETURN_NONE;
}
+static PyObject *py_crypto_des_crypt_blob_16(PyObject *self, PyObject *args)
+{
+ PyObject *py_data = NULL;
+ uint8_t *data = NULL;
+ Py_ssize_t data_size;
+
+ PyObject *py_key = NULL;
+ uint8_t *key = NULL;
+ Py_ssize_t key_size;
+
+ uint8_t result[16];
+
+ bool ok;
+ int ret;
+
+ ok = PyArg_ParseTuple(args, "SS",
+ &py_data, &py_key);
+ if (!ok) {
+ return NULL;
+ }
+
+ ret = PyBytes_AsStringAndSize(py_data,
+ (char **)&data,
+ &data_size);
+ if (ret != 0) {
+ return NULL;
+ }
+
+ ret = PyBytes_AsStringAndSize(py_key,
+ (char **)&key,
+ &key_size);
+ if (ret != 0) {
+ return NULL;
+ }
+
+ if (data_size != 16) {
+ return PyErr_Format(PyExc_ValueError,
+ "Expected data size of 16 bytes; got %zd",
+ data_size);
+ }
+
+ if (key_size != 14) {
+ return PyErr_Format(PyExc_ValueError,
+ "Expected key size of 14 bytes; got %zd",
+ key_size);
+ }
+
+ ret = des_crypt112_16(result, data, key,
+ SAMBA_GNUTLS_ENCRYPT);
+ if (ret != 0) {
+ return PyErr_Format(PyExc_RuntimeError,
+ "des_crypt112_16() failed: %d",
+ ret);
+ }
+
+ return PyBytes_FromStringAndSize((const char *)result,
+ sizeof(result));
+}
+
+static PyObject *py_crypto_md4_hash_blob(PyObject *self, PyObject *args)
+{
+ PyObject *py_data = NULL;
+ uint8_t *data = NULL;
+ Py_ssize_t data_size;
+
+ uint8_t result[16];
+
+ bool ok;
+ int ret;
+
+ ok = PyArg_ParseTuple(args, "S",
+ &py_data);
+ if (!ok) {
+ return NULL;
+ }
+
+ ret = PyBytes_AsStringAndSize(py_data,
+ (char **)&data,
+ &data_size);
+ if (ret != 0) {
+ return NULL;
+ }
+
+ mdfour(result, data, data_size);
+
+ return PyBytes_FromStringAndSize((const char *)result,
+ sizeof(result));
+}
+
+static PyObject *py_crypto_sha512_pbkdf2(PyObject *self, PyObject *args)
+{
+#ifdef HAVE_GNUTLS_PBKDF2
+ PyObject *py_key = NULL;
+ uint8_t *key = NULL;
+ gnutls_datum_t key_datum = {0};
+
+ PyObject *py_salt = NULL;
+ gnutls_datum_t salt_datum = {0};
+
+ uint8_t result[16];
+
+ unsigned iterations = 0;
+
+ bool ok;
+ int ret;
+ NTSTATUS status;
+
+ ok = PyArg_ParseTuple(args, "SSI",
+ &py_key, &py_salt, &iterations);
+ if (!ok) {
+ return NULL;
+ }
+
+ ok = samba_gnutls_datum_from_PyObject(py_key, &key_datum);
+ if (!ok) {
+ return NULL;
+ }
+
+ ok = samba_gnutls_datum_from_PyObject(py_salt, &salt_datum);
+ if (!ok) {
+ return NULL;
+ }
+
+ ret = gnutls_pbkdf2(GNUTLS_MAC_SHA512,
+ &key_datum,
+ &salt_datum,
+ iterations,
+ result,
+ sizeof(result));
+ BURN_DATA(key);
+ if (ret < 0) {
+ status = gnutls_error_to_ntstatus(ret, NT_STATUS_CRYPTO_SYSTEM_INVALID);
+ PyErr_SetNTSTATUS(status);
+ return NULL;
+ }
+
+ return PyBytes_FromStringAndSize((const char *)result,
+ sizeof(result));
+#else /* HAVE_GNUTLS_PBKDF2 */
+ PyErr_SetString(PyExc_NotImplementedError, "gnutls_pbkdf2() is not available");
+ return NULL;
+#endif /* HAVE_GNUTLS_PBKDF2 */
+}
+
+static PyObject *py_crypto_aead_aes_256_cbc_hmac_sha512_blob(PyObject *self, PyObject *args)
+{
+ TALLOC_CTX *ctx = NULL;
+
+ PyObject *py_ciphertext = NULL;
+ DATA_BLOB ciphertext_blob = {0};
+
+ PyObject *py_auth_data = NULL;
+ PyObject *py_result = NULL;
+
+ PyObject *py_plaintext = NULL;
+ DATA_BLOB plaintext_blob = {0};
+ PyObject *py_cek = NULL;
+ DATA_BLOB cek_blob = {0};
+ PyObject *py_key_salt = NULL;
+ DATA_BLOB key_salt_blob = {0};
+ PyObject *py_mac_salt = NULL;
+ DATA_BLOB mac_salt_blob = {0};
+ PyObject *py_iv = NULL;
+ DATA_BLOB iv_blob = {0};
+
+ uint8_t auth_data[64];
+
+ bool ok;
+ NTSTATUS status;
+
+ ok = PyArg_ParseTuple(args, "SSSSS",
+ &py_plaintext,
+ &py_cek,
+ &py_key_salt,
+ &py_mac_salt,
+ &py_iv);
+ if (!ok) {
+ return NULL;
+ }
+
+ /* Create data blobs from the contents of the function parameters. */
+
+ ok = samba_DATA_BLOB_from_PyObject(py_plaintext, &plaintext_blob);
+ if (!ok) {
+ return NULL;
+ }
+
+ ok = samba_DATA_BLOB_from_PyObject(py_cek, &cek_blob);
+ if (!ok) {
+ return NULL;
+ }
+
+ ok = samba_DATA_BLOB_from_PyObject(py_key_salt, &key_salt_blob);
+ if (!ok) {
+ return NULL;
+ }
+
+ ok = samba_DATA_BLOB_from_PyObject(py_mac_salt, &mac_salt_blob);
+ if (!ok) {
+ return NULL;
+ }
+
+ ok = samba_DATA_BLOB_from_PyObject(py_iv, &iv_blob);
+ if (!ok) {
+ return NULL;
+ }
+
+ ctx = talloc_new(NULL);
+ if (ctx == NULL) {
+ return PyErr_NoMemory();
+ }
+
+ /* Encrypt the plaintext. */
+ status = samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt(ctx,
+ &plaintext_blob,
+ &cek_blob,
+ &key_salt_blob,
+ &mac_salt_blob,
+ &iv_blob,
+ &ciphertext_blob,
+ auth_data);
+ if (!NT_STATUS_IS_OK(status)) {
+ PyErr_SetNTSTATUS(status);
+ talloc_free(ctx);
+ return NULL;
+ }
+
+ /* Convert the output into Python 'bytes' objects. */
+ py_ciphertext = PyBytes_FromStringAndSize((const char *)ciphertext_blob.data,
+ ciphertext_blob.length);
+ talloc_free(ctx);
+ if (py_ciphertext == NULL) {
+ return NULL;
+ }
+ py_auth_data = PyBytes_FromStringAndSize((const char *)auth_data,
+ sizeof(auth_data));
+ if (py_auth_data == NULL) {
+ return NULL;
+ }
+
+ /* Steal ciphertext and auth_data into a new tuple. */
+ py_result = Py_BuildValue("(NN)", py_ciphertext, py_auth_data);
+
+ return py_result;
+}
+
+
+
static const char py_crypto_arcfour_crypt_blob_doc[] = "arcfour_crypt_blob(data, key)\n"
"Encrypt the data with RC4 algorithm using the key";
+static const char py_crypto_des_crypt_blob_16_doc[] = "des_crypt_blob_16(data, key) -> bytes\n"
+ "Encrypt the 16-byte data with DES using "
+ "the 14-byte key";
+
+static const char py_crypto_md4_hash_blob_doc[] = "md4_hash_blob(data) -> bytes\n"
+ "Hash the data with MD4 algorithm";
+
+static const char py_crypto_sha512_pbkdf2_doc[] = "sha512_pbkdf2(key, salt, iterations) -> bytes\n"
+ "Derive a key from an existing one with SHA512 "
+ "algorithm";
+
+static const char py_crypto_aead_aes_256_cbc_hmac_sha512_blob_doc[] =
+ "aead_aes_256_cbc_hmac_sha512_blob(plaintext, cek, key_salt, "
+ "mac_salt, iv) -> ciphertext, auth_data\n"
+ "Encrypt the plaintext with AES256 as specified in "
+ "[MS-SAMR] 3.2.2.4 AES Cipher Usage";
+
static PyMethodDef py_crypto_methods[] = {
{ "arcfour_crypt_blob", (PyCFunction)py_crypto_arcfour_crypt_blob, METH_VARARGS, py_crypto_arcfour_crypt_blob_doc },
{ "set_relax_mode", (PyCFunction)py_crypto_set_relax_mode, METH_NOARGS, "Set fips to relax mode" },
{ "set_strict_mode", (PyCFunction)py_crypto_set_strict_mode, METH_NOARGS, "Set fips to strict mode" },
+ { "des_crypt_blob_16", (PyCFunction)py_crypto_des_crypt_blob_16, METH_VARARGS, py_crypto_des_crypt_blob_16_doc },
+ { "md4_hash_blob", (PyCFunction)py_crypto_md4_hash_blob, METH_VARARGS, py_crypto_md4_hash_blob_doc },
+ { "sha512_pbkdf2", (PyCFunction)py_crypto_sha512_pbkdf2, METH_VARARGS, py_crypto_sha512_pbkdf2_doc },
+ {
+ "aead_aes_256_cbc_hmac_sha512_blob",
+ (PyCFunction)py_crypto_aead_aes_256_cbc_hmac_sha512_blob,
+ METH_VARARGS,
+ py_crypto_aead_aes_256_cbc_hmac_sha512_blob_doc
+ },
{0},
};
diff --git a/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c b/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c
index 51f125f42d6..bc6a191cd90 100644
--- a/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c
+++ b/lib/crypto/tests/test_gnutls_aead_aes_256_cbc_hmac_sha512.c
@@ -187,7 +187,7 @@ static void torture_encrypt(void **state)
.length = sizeof(salt_data),
};
DATA_BLOB ctext;
- uint8_t auth_tag[64];
+ uint8_t auth_tag[64] = {0};
assert_int_equal(iv.length, 16);
diff --git a/lib/crypto/wscript b/lib/crypto/wscript
index 78927437e37..acf5cb8e731 100644
--- a/lib/crypto/wscript
+++ b/lib/crypto/wscript
@@ -81,7 +81,7 @@ def build(bld):
bld.SAMBA_PYTHON('python_crypto',
source='py_crypto.c',
- deps='gnutls talloc',
+ deps='gnutls talloc LIBCLI_AUTH',
realname='samba/crypto.so')
bld.SAMBA_BINARY('test_gnutls_aead_aes_256_cbc_hmac_sha512',
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index da5526c4a2f..bd7f6e53e81 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -864,6 +864,17 @@ typedef unsigned long long ptrdiff_t ;
*/
#define BURN_PTR_SIZE(x, s) memset_s((x), (s), 0, (s))
+/**
+ * Explicitly zero data in string. This is guaranteed to be not optimized
+ * away.
+ */
+#define BURN_STR(x) do { \
+ if ((x) != NULL) { \
+ size_t s = strlen(x); \
+ memset_s((x), s, 0, s); \
+ } \
+ } while(0)
+
/**
* Work out how many elements there are in a static array.
*/
diff --git a/lib/util/talloc_keep_secret.c b/lib/util/talloc_keep_secret.c
index 70d449b5f12..21048659e5d 100644
--- a/lib/util/talloc_keep_secret.c
+++ b/lib/util/talloc_keep_secret.c
@@ -22,13 +22,26 @@
static int talloc_keep_secret_destructor(void *ptr)
{
+ int ret;
size_t size = talloc_get_size(ptr);
if (unlikely(size == 0)) {
return 0;
}
- memset_s(ptr, size, 0, size);
+ ret = memset_s(ptr, size, 0, size);
+ if (unlikely(ret != 0)) {
+ char *msg = NULL;
+ int ret2;
+ ret2 = asprintf(&msg,
+ "talloc_keep_secret_destructor: memset_s() failed: %s",
+ strerror(ret));
+ if (ret2 != -1) {
+ smb_panic(msg);
+ } else {
+ smb_panic("talloc_keep_secret_destructor: memset_s() failed");
+ }
+ }
return 0;
}
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c
index 7abf6613d80..8492202ea93 100644
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -975,6 +975,7 @@ bool decode_pw_buffer(TALLOC_CTX *ctx,
DBG_ERR("Failed to convert incoming password\n");
return false;
}
+ talloc_keep_secret(*pp_new_pwrd);
#ifdef DEBUG_PASSWORD
DEBUG(100,("decode_pw_buffer: new_pwrd: "));
@@ -1067,6 +1068,7 @@ bool decode_pwd_string_from_buffer514(TALLOC_CTX *mem_ctx,
if (!ok) {
return false;
}
+ talloc_keep_secret(decoded_password->data);
return true;
}
diff --git a/python/samba/tests/krb5/lockout_tests.py b/python/samba/tests/krb5/lockout_tests.py
new file mode 100755
index 00000000000..e49e82a4bd5
--- /dev/null
+++ b/python/samba/tests/krb5/lockout_tests.py
@@ -0,0 +1,1088 @@
+#!/usr/bin/env python3
+# Unix SMB/CIFS implementation.
+# Copyright (C) Stefan Metzmacher 2020
+# Copyright (C) Catalyst.Net Ltd
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
--
Samba Shared Repository
More information about the samba-cvs
mailing list